I'm not able anymore to acces via ssh - authentication

For a project, I need to access the faculty server
Remotely through ssh after connecting the faculty VPN with my credentials.
Before,I log in quietly until recently with:
ssh my_name_user#147.163.26.244
it appeared to enter the password and entering the credentials I accessed the server (actually a virtual machine mounted on the server for me).
Now with the command above nothing happens and after waiting a bit I get:
ssh: connect to host 147.163.26.244 port 22: Connection timed out
What may have happened?
Yesterday I changed my password to access University services (mandatory after 3 months for security reasons). After doing so I had to change that new password in the VPN configurations and I was able to have access to the VPN and also to the server, until this all ok. From today at 13.00 this problem occurs.
Does anyone have any idea what this is all about?
(I'm on Ubuntu. The server(the virtual machine is a Lubuntu system))
Thanks for your attention.
Update:
The command
ping 147.163.26.244
gives me:
PING 147.163.26.244 (147.163.26.244) 56(84) bytes of data.
and
telnet 147.163.26.244 22
gives:
Trying 147.163.26.244...
and it remain running. What can I deduce?

As ssh shows connection timeout its nothing to do with your credentials. It hasn't go to the authentication level but failing before that itself.
First of all check if the IP is accessible from you machine using Ping (hoping ICMP should be allowed by the Firewall).
ping server_ip
If it shows not accessible- then make sure there is a route for the IP/IP subnet of the server IP through the vpn tunnel. You can do it by using route/netstat
example
netstat -nr | grep "147.163"
If route is not present you may have to add a route for this IP through the VPN tunnel. You can find the "route add.." or "ip route add ... " commands for this from google depending on your machine platform.
If the Ping shows the IP is pinging, we need to make sure the ssh service is running on the port 22. Just do a telnet and check
telnet <server_ip> 22
if the connection shows UP, in your case which shouldn't show UP btw :)as you got a timeout already. Then problem can be
(1) ssh service not running
(2) any firewall blocking your connection
You may have to get in touch with the ADMIN in that case.
===== Update =========
I guess your ping itself is failing.
Ping should show it is getting response.
example :
XXXXXXX$ ping 216.58.217.174
PING 216.58.217.174 (216.58.217.174): 56 data bytes
64 bytes from 216.58.217.174: icmp_seq=0 ttl=43 time=273.068 ms
64 bytes from 216.58.217.174: icmp_seq=1 ttl=43 time=317.405 ms
64 bytes from 216.58.217.174: icmp_seq=2 ttl=43 time=361.682 ms
64 bytes from 216.58.217.174: icmp_seq=3 ttl=43 time=266.436 ms
Check for the routes in your machine using route or netstat.
Possibilities :
server is down
Proper route is not present for the IP/subnet of the ssh server through VPN tunnel

Related

SSH not working locally but is working externally after running nmap

I need to be able to SSH into a device on my network. Normally I am able to simply ssh into its local IP address.
I recently ran an nmap scan on it, and now when I try to ssh into its local IP address, I recieve the following:
kex_exchange_identification: read: Connection reset by peer
Connection reset by <IP> port 22
This network is setup in a somewhat unique way. It has one router that manages the Wi-Fi network (what my machine is connected to) which is connected to another box that also acts as the modem. IP addresses that are connected to the Wi-Fi box start with 192.168, whereas those connected to the modem box start with 10.0. The device I am trying to access is connected to the modem box.
Historically, just typing in its 10.0. local address has allowed me to ssh into it with no issue, even though my device is on the 192.168 network, and arp -a does not show it.
Checking the ssh logs of the device via journalctl -fu ssh, I can see that every failed ssh attempt is accompanied by the following message:
Connection reset by 10.0.0.96 port 49949 [preauth]
I do not recognize the IP above, and the port changes every time.
Is this some sort of anti-spam protection that was triggered by my use of nmap? I know it's not just my computer because I am unable to ssh into the device from anything else on my network.
Note that connecting to a VPN then using SSH to connect to the external IP address (which is port-forwarded properly) works, as does connecting via ssh to the machine from the machine itself (127.0.0.1)l
How can I fix this issue?

Ubuntu Jump Host in Open Telekom Cloud not working as expected

Currently, I have built a small datacenter environment in OTC with Terraform. based on Ubuntu 20.04 images.
The idea is to have a jump host in the setup phase and for operational purposes that allows spontaneous access to service frontends via ssh proxy jumps without permanently routing them to the public net.
Basic setup works fine so far - I can access the jump host with ssh, and can access the internal machines from there with ssh when I put the private key onto the jump host. So, cloudwise the security seems to be fine. Key pair is generated with ed25519, I use the same key for jump host and internal servers (for now).
What I cannot achieve is the proxy jump as a chained command from my outside machine.
On the jump host, I set AllowTcpForwarding to "yes" in /etc/ssh/sshd_config and restarted ssh and sshd services.
My current local ssh config looks like this:
Host otc
User ubuntu
Hostname <FloatingIP-Address>
Port 22
StrictHostKeyChecking=no
UserKnownHostsFile=/dev/null
IdentityFile= ~/.ssh/ssh_access
ControlPath ~/.ssh/cm-%r#%h:%p
ControlMaster auto
ControlPersist 10m
Host 10.*
User ubuntu
Port 22
IdentityFile=~/.ssh/ssh_access
ProxyJump otc
StrictHostKeyChecking=no
UserKnownHostsFile=/dev/null
I can use this to ssh otc to the jump host.
What I would expect is that I could use e.g. ssh 10.0.0.56 to reach an internal host without further ado. As well I should be able to use commands like ssh -L 8080:10.0.0.56:8080 10.0.0.56 -N to map an internal server's port to a localhost port on my external machine. This is how I managed that successfully on other hosting scenarios in the public cloud.
All I get is:
Stdio forwarding request failed: Session open refused by peer
kex_exchange_identification: Connection closed by remote host
Journal on the Jump host says:
Jul 30 07:19:04 dev-nc-o-bastion sshd[2176]: refused local port forward: originator 127.0.0.1 port 65535, target 10.0.0.56 port 22
What I checked as well:
ufw is off on the Jump Host.
replaced ProxyJump configuration with ProxyCommand
So I am at the end of my knowledge. Has anyone a hint what else could be the reason? Any help welcome!
Ok, cause is found (but not yet fully explained).
My local ssh setting was allowing multiplexed forwards (ControlMaster auto ) which caused the creation of a unix socket file for the Controlpath in ~/.ssh.
I had to login to the jump host to AllowTcpForwarding in the first place.
After rebooting the sshd, I returned to the local machine and the failure occured when trying to forward to the remote internal machine.
After deleting the socket file in ~/.ssh, the connection can now be established as needed. Obviously, the persistent tunnel was not impacted by the restarted daemon on the jump host and simply refused to follow the new directive.
This cost me two days. On the bright side, I learned a lot about ssh :o

SSH Not Working with Cisco Integrated Services Router

I'm trying to ssh into my cisco ISR router. DHCP is working and I can ping the default gateway (the ISR), and can ssh with other devices on the LAN. so I know the LAN connection isn't the problem. I set up a local user that works with console logins so that's not the problem either.
I set up my ssh connection on the router with the following commands:
(config)#line vty 0 21
(config-line)#login local
(config-line)#exec-timeout 3
(config-line)#rotary 1
(config-line)#transport input ssh
(config)#crypto key generate rsa
(config)#ip ssh version 2
(config)#ip ssh port 2222 rotary 1
(config)#ip ssh authentication-retries 3
Then when I nmap the router it has the following ports open:
PORT STATE SERVICE
22/tcp open ssh
However, every time I try to log in to the router I get a Network is unreachable error. This is using the 2222 and 22 port and testing the normal IP and the hostname#ip formats for ssh and absolutely nothing works. I managed to get into telnet with the default settings earlier, but I'm not sure how to get in with SSH.
Thank you all for the help, I know it was very open ended so just let me know anything that could be helpful and I'll provide it.
One logical test step to do, would be switch back to port 22.
Network unreachable usually indicates there's no packet response coming from the host.
It could be because of multiple reasons, but since you've mentioned that ping and telnet went fine. I'd suggest you revert the port config, restart the unit once. See how it goes.
Other possible reasons could be ACL block and/or firewall block on your machine but I think it's unlikely.

Force docker-machine to specific IP using Hyper-V, network unreachable

I have found a partial answer to this question, and it is successfully setting the machine at the desired IP address. But the network is unreachable from inside a docker-machine created with the Hyper-V driver.
The TLDR on the answer above is to create a script, /var/lib/boot2docker/bootsync.sh:
sudo cat /var/run/udhcpc.eth0.pid | xargs sudo kill
sudo ifconfig eth0 192.168.XXX.YYY netmask 255.255.255.0 broadcast 192.168.XXX.255 up
Once I make the script, I restart the machine.
When I restart the machine, the IP is set to my desired address (expected). I can remote in at the address, so it is at least available through the host. But when I test for connections, there is no connection to the internet (unexpected).
Boot2Docker version 17.05.0-ce, build HEAD : 5ed2840 - Fri May 5 21:04:09 UTC 2017
Docker version 17.05.0-ce, build 89658be
docker#machine:~$ docker pull ubuntu
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: read udp [::1]:48331->[::1]:53: read: connection refused
docker#machine:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: Network is unreachable
If I remove the script and restart again, I am reassigned a new/random IP address (expected), remote in at that new IP address, and can do network connections (expected):
docker#pm:~$ docker pull ubuntu
Using default tag: latest
latest: Pulling from library/ubuntu
aafe6b5e13de: Pull complete
0a2b43a72660: Pull complete
18bdd1e546d2: Pull complete
8198342c3e05: Pull complete
f56970a44fd4: Pull complete
Digest: sha256:f3a61450ae43896c4332bda5e78b453f4a93179045f20c8181043b26b5e79028
Status: Downloaded newer image for ubuntu:latest
docker#pm:~$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=43 time=18.424 ms
64 bytes from 8.8.8.8: seq=1 ttl=43 time=27.638 ms
The accepted answer has several up votes, but it reads like this is a confirmed work around on VirtualBox. Not sure what about Hyper-V would be causing the IP assignment to cut off internet access.
I had the same problem, and I solved it by adding the following to the end of bootsync.sh:
route add default gw <address>
There was no default route to the gateway or the internet, so it must be set manually.

Unable to connect on GitLab.com since 2 days (HTTP, SSH...)

Let me explain my very strange problem. I have one server (Linux Debian Jessie) which had access to my git repository on gitlab.com
Two days ago, I tried to pull some modifications on this server with a simple git pull. I received an error message :
ssh: connect to host gitlab.com port 22: Connection timed out
Si I have done some tests
1. TELNET
To understand why, I have tried a telnet on 22 port = TIMEOUT
2. IPTABLES
I checked my iptables to be sure that SSH port was allowed. It is. If I try a telnet on another service for example like github.com, it works. So I'm allowed in OUTPUT on this port.
3. PING
I thought a ip translation problem. I have done a ping, I obtain this message :
PING 104.210.2.228 (104.210.2.228) 56(84) bytes of data.
--- 104.210.2.228 ping statistics ---
87 packets transmitted, 0 received, 100% packet loss, time 86534ms
4. FAIL2BAN
I use fail2ban, so I have checked if gitlab was in jail address, but it seems not.
So my problem is that I can't reach gitlab.com
If I try from my local machine or from another server, I don't have this problem. It works.
I can't reach gitlab.com only from this server but I don't know why. Maybe someone has an idea which cans be very precious to help me ?
Probably some modification of firewall caused this. For a quick solution use http protocol instead of ssh. Change your url in the git config file to http.
git config --local -e
change entry of
url = git#gitlab.com:username/repo.git , to
url = https://gitlab.com/username/repo.git
You need to give your username and password to authenticate yourself while making a push or pull though as it's http based.